15.SSL.standby

ssl vpn高可用性

a.ssl:

int f0/0

ip add 202.100.1.1 255.255.255.0

no sh

standby 1 ip 202.100.1.101

standby 1 priority 105

standby 1 prempt

standby 1 name ssl

int f1/0

ip add 10.1.1.1 255.255.255.0

no sh

s.ssl:

int f0/0

ip add 202.100.1.2 255.255.255.0

standby 1 ip 202.100.1.101

standby 1 preempt

standby 1 name ssl

int f1/0

ip add 10.1.1.2 255.255.255.0

inside.router:

inter f1/0

ip add 10.1.1.200 255.255.255.0

ip http server

a.ssl:

webvpn gateway gw

ip add 202.100.1.101 standby ssl

inservice

webvpn context c1

gateway gw

inservice

aaa authentication login noacs line none

line con 0

login authentication noacs

line aux 0

login autehntication noacs

aaa authentication webvpn local

webvpn context c1

aaa authentication list webvpn

username cisco password cisco

s.ssl:

webvpn gateway gw

inservice

ip add 202.100.1.101 standby ssl

exit

webvpn context c1

gateway gw

inservice

aaa new

aaa authentication login noacs line none

line con 0

login authentication no acs

line aux 0

login authentication noacs

aaa authentication login webvpn local

username cisco password cisco

webvpn context c1

aaa authentication list webvpn